Linux Server Set Up - To Do List

You just got SSH access to your linux server. Now what?

Monday, 9th Jun '14

Linux Server Set Up - To Do List

Just quickly jotting down everything I do to secure my server and make it awesome. I primarily use NodeJS and nginx on my servers, so expect a bias. I like to automagically push changes to my server using git, so that stuff is included too.

This tutorial assumes you have root access (via SSH) to your server. A Digital Ocean droplet for example.

A New User

I always do these 5 things immediately. Don't skip 4, or you might get locked out!

Create a new user

Give the user sudo access

Add SSH keys for easy log in

Test login (using both SSH and password)

Disable root access (using password) to the server

Create a new user by typing this (as long as you're signed in as root):

adduser myUserName

You'll be asked a bunch of questions and guided through the process (including passwords etc.)

Once we've done that, we need to give the user sudo access. Use the below command to do that.

visudo

Search for a line which looks like root ALL=(ALL:ALL) ALL. Append a new line below it with the user you just created.

root ALL=(ALL:ALL) ALL
myUserName ALL=(ALL:ALL) ALL

Save changes, and myUserName now has sudo access rights! For more details, visit this tutorial

Next up, we need to add ssh keys to this user, so that we can log on password free. This is quite straightforward. If you don't have SSH keys generated, checkout this tutorial. Otherwise, all you need to do is copy your public key and paste it into the /home/myUserName/.ssh/authorized_keys. We can acheive this using these commands.

First create a .ssh folder in the remote server

cd /home/myUserName
mkdir .ssh

Then run this on your local machine to copy the public key and paste it on the server. On a mac, the path is ~/.ssh/id_rsa.pub